Lucene search
+L

5 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2020/01/18 12:0 a.m.130 views

Security update for uftpd (important)

openSUSE Security Update: Security update for uftpd Announcement ID: openSUSE-SU-2020:0069-1 Rating: important References: 1160199 Cross-References: CVE-2020-5204 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for uftpd to...

8.8CVSS8.9AI score0.01079EPSS
Exploits0References1
NVD
NVD
added 2020/01/06 8:15 p.m.25 views

CVE-2020-5204

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

8.8CVSS7.3AI score0.01079EPSS
Exploits0References3
OSV
OSV
added 2020/01/06 8:15 p.m.19 views

CVE-2020-5204

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

8.8CVSS7.3AI score
Exploits0References3
Cvelist
Cvelist
added 2020/01/06 7:10 p.m.26 views

CVE-2020-5204 Buffer overflow vulnerability in uftpd

In uftpd before 2.11, there is a buffer overflow vulnerability in handlePORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses...

6.5CVSS9AI score0.01079EPSS
Exploits0References3
CVE
CVE
added 2020/01/06 7:10 p.m.170 views

CVE-2020-5204

CVE-2020-5204 affects uftpd prior to 2.11. A buffer overflow exists in FTP PORT parsing (ftpcmd.c handle_PORT) where a 16-byte buffer can overflow when filling input with a format string like %d.%d.%d.%d using user input. The root cause is sprintf-based population of the IPv4-like string exceedin...

8.8CVSS7.8AI score0.01079EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder